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DETAILED ACTION 

1 . This action is responsive to the Applicant's submission filed 4/22/04. 

As indicated in Applicant's response, claims 1-33 pending in the office action. 
Claim Rejections - 35 USC §101 

2. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new 
and useful impro\ emeni thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. 

3. Claims 1-9 are rejected under 35 U.S.C. 101 because the claimed invention is directed to 

non- statutory subject matter. 

The Federal Circuit has recently applied the practical application test in determining whether the claimed 
subject matter is statutory under 35 U.S.C. § 101. The practical application test requires that a " useful, concrete, 
and tangible result" be accomplished. An "abstract idea" when practically applied is eligible for a patent. As a 
consequence, an invention, which is eligible for patenting under 35 U.S.C. § 101, is in the "useful arts" when it is a 
machine, manufacture, process or composition of matter, which produces a concrete, tangible, and useful result. The 
test for practical application is thus to determine whether the claimed invention produces a "useful, concrete and 
tangible result". 

The current focus of the Patent Office in regard to statutory inventions under 35 U.S.C. § 
101 for method claims and claims that recite a judicial exception (software) is that the claimed 
invention recite a practical application. Practical application can be provided by a physical 
transformation or a useful, concrete and tangible result. The following link on the World Wide 
Web is the United States Patent And Trademark Office (USPTO) reference in terms of 
guidelines on a proper analysis on 35 U.S.C. §101 rejection. 
<http://wm¥.uspto.gov/web/^ 

Specifically, claim 1 recites a system comprising a injector, a redirect code and library of 
functions. As disclosed, the injector is a lightweight piece of pushed down code (Specifications 
pg. 5, top). In whole, the elements recited are software, and the claim amounts to mere listing of 
software elements as in a 'Functional Descriptive Material' type of deficiency (see USC101 
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Guidelines pdf file, Annex IV, pg. 52-54). The claimed subject matter cannot be categorized as 
any of the categories of statutory subject matter; nor can the claim, in the absence of hardware 
support, be deemed capable of realizing the listed software material into real-world application 
data. The claim is rejected for non-statutory subject matter for all of the above reasons. 

Claims 2-9 for not providing hardware support to remedy to the above deficiency, are 
also rejected for not fulfilling the statutory practical Application requirement as identified in part 
by the USC § 101 Guidelines, as set forth above. 

Claim Rejections - 35 USC §102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

5. Claims 1-6, 10-33 are rejected under 35 U.S.C. 102(b) as being anticipated by Calder et 
al, USPubN: 2002/0092003 (hereinafter Calder). 

As per claim 1, Calder discloses a system for controlling an application process 
comprising: 

an injector (step 810, Fig. 8); redirect code (step 540 Fig. 5) operable to be placed in a 
memory of the application process; and 

a library of redirect functions operable to be referenced by the redirect code (step 920 - 
Fig. 9; para 0096, pg. 5) during the application process execution, 

the redirect code operable to intercept a set of target function calls made by the 
application process (intercept 940 - Fig. 9; para 103, pg. 6) and execute the redirect functions 
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for the intercepted target function calls (step 990 - Fig. 9). 

As per claims 2-4, Calder discloses wherein the injector is pushed (interception 
module - para 0096, pg. 5) to a device executing the application process; wherein the set of 
target function calls comprises socket function calls (e.g. Fig. 27); wherein the library of 
redirect functions comprises a dynamic link library (e.g. step 540-Fig.5; Fig. 9). 

As per claim 5, Calder discloses: a secure environment having a plurality of resources 
(e.g. resource request 1335 - Fig. 13); a firewall securing all access to the plurality of 
resources in the secure environment (e.g. Fig. 22-24, 26; para 0076 - pg. 4; Fig. 39-40); and an 
access policy pushed to a device executing the application process, the access policy 
identifying the resources authorized for access by the device (access - para 0074, pg. 3-4; Fig. 
39-40 - Note: Lan and internal network based on access checking and encryption of data reads 
on policy to deny unauthorized intrusion). 

As per claim 6, Calder discloses wherein the application process comprises an 
application operable to communicate with the secure environment resources using an Internet 
transport protocol, the redirect code, and the redirect functions (e.g. Fig. 1-4; Fig. 9; para 103, 
Pg- 6). 

As per claim 10, Calder discloses a method for controlling an application process 
comprising: 

pushing an injector to a device executing the application process (Fig. 8); 
injecting a redirect code into the application process (step 540 Fig. 5); 
executing the redirect code in the application process to reference a redirect library 
(step 920 - Fig. 9; para 0096, pg. 5) of redirect functions; 
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resuming the execution of the application process (e.g. return - Fig. 36 - Note: 
interception with handling via DLL entails a return back to the application after the handler 
code has completed); and 

intercepting at least one target function calls made by the application process and 
executing at least one redirect function (step 990 - Fig. 9) in place of the at least one target 
function calls. 

As per claim 11, Calder discloses: starting the application process; interrupting the 
execution of the application process; and injecting the redirect code into a memory space of the 
application process (Fig. 10-1 1). 

As per claim 12, Calder discloses wherein injecting a redirect code further comprises: 
starting the application process using a debug option; catching an exception thrown by the 
application process; locating memory space in the application process; injecting the redirect 
code into the memory space of the application process; and set an instruction pointer to the 
redirect code (e.g. step 1030 - Fig. 10; Fig. 15, 33, 41). 

As per claim 13, Calder discloses wherein injecting a redirect code further comprises: 
starting the application process using a suspend option; creating memory space in the 
application process; injecting the redirect code into the memory space of the application 
process; and set an instruction pointer to the redirect code (e.g. Fig. 7, 10-11). 

As per claim 14, Calder discloses wherein injecting a redirect code further comprises: 
starting the application process using a suspend option; creating memory space in the 
application process; injecting the redirect code into the memory space of the application 
process; (Fig. 7, 10-11); and use a create remote thread function to execute the redirect code 
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(e.g. Fig. 13; Fig. 15). 

As per claim 15, Calder discloses wherein executing the redirect code comprises: 
loading the redirect library of redirect functions; determining a location of an import table 
replacement (Fig. 7,10 - Note: import table, export table reads on table of routines to insert to 
memory for replacement) function in the redirect library; and executing the import table 
replacement function. 

As per claim 16, Calder discloses table including a dynamic link library (Fig. 10-1 1). 

As per claim 17, Calder discloses wherein executing the import table replacement 
function comprises: searching an import tabic of the application process for the set of target 
function calls; and modifying the target function calls to reference redirect functions in the 
redirect library (Fig. 10-11). 

As per claim 18 Calder discloses wherein executing the import table replacement 
function comprises: searching dynamic link libraries of the application process for the set of 
target function calls; and modifying the target function calls to reference redirect functions in 
the redirect library (e.g. para 0102, pg. 6). 

As per claims 19-21, Calder discloses receiving user information; authenticating the 
user information; pushing an access policy specifying resources accessible by a user associated 
with the user information to a device used by the user; executing redirect functions to enable a 
secured access to a plurality of resources via a firewall ( refer to claim 5) 

As per claim 20, refer to claim 3 

As per claim 22, Calder discloses method comprising: 

receiving user information; authenticating the user information (Fig. 18-19; re claim 5); 
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pushing an injector to a device executing an application process (Fig. 8); and 
intercepting at least one target function call made by the application process to at least 
one of a plurality of secure resources and executing at least one redirect function in place of the 
at least one target function call (step 540 Fig. 5; step 920 - Fig. 9; para 0096, pg. 5). 

As per claim 23, Calder discloses: injecting a redirect code into the application 
process; executing the redirect code in the application process to reference a redirect library of 
redirect functions; and resuming the execution of the application process ( see claim 10). 
As per claims 24-27, refer to claim 11-14, respectively. 
As per claims 28-31, refer to claim 15-18, respectively 
As per claims 32-33, refer to claim 20-21, respectively 

Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

7. Claims 7-9 are rejected under 35 U.S.C. 103(a) as being unpatentable over Calder et al, 
USPubN: 2002/0092003, and further in view of Thomas et al, USPN: 6,148,336 (hereinafter 
Thomas). 

As per claim 7, Calder does not explicitly disclose wherein the application process 
comprises an email application. But GUI -based applications for which resources request are 
being fulfilled to support user's applications is disclosed ( see Fig. 33-34; Fig. 47) in Calder's 
network of Lan users. Users applications having interception of messages with insertion of 
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special code to redirect to a proper validating or readdressing of message request is disclosed 
in Thomas's Web-based paradigm (e.g. Fig. 6; library ... containing a plug-in - col. 9, lines 6- 
40) wherein socket communications are inserted with a plug-in supported via a DLL container 
for redirection with proper binding and re- wrapping ( see Fig. 9-10). Based on Thomas' 
approach to introduce a novel way for addressing IP address filtering drawback wherein Email 
is one such application involving such filtering concern ( see col. 2), it would have been 
obvious for one skill in the art to implement the application examination by Calder ( see Fig. 
33-34; decrypt - Fig. 39) so that the interception of LAN network messages via IP/TCP 
protocol via some dynamic application extension (such as plug-in as by Thomas — see 
SUMMARY of Invention - col. 4-5) would be able examine the likes of Email message content 
and resolve potential incompatibility issues by this extension service such as examining, 
blocking, modifying, decrypting and re-encrypting prior to providing a wrap-up binding 
process ( see Thomas, col. 5) which also endeavored as set forth above by Calder. 

As per claims 8-9, Calder does not disclose wherein the application process comprises 
a web browser application wherein the application process comprises a file transfer 
application. But applications with Winsock (see Thomas ( see Fig. 1-6) or Windows system 
having provision of Dlls ( see Calder para 0081-0082) was known environments in which 
standard file transfer and browser applications would have founded to provide communications 
between users and services. The limitation that applications be Email, or FTP or browser 
messages in light of the interception and redirection as taught by both Calder and Thomas 
would have been obvious for the same rationale as set forth above, because application like 
those require message transfer using a proper protocol, and the interception as purported by 
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Calder or Thomas would support examination of such message internals to provide a modified 
and adjusted redirection as mentioned above in the respective endeavor by Calder and Thomas. 
Conclusion 

8. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tuan A Vu whose telephone number is (571) 272-3735. The 
examiner can normally be reached on 8AM-4:30PM/Mon-Fri. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Lewis Bullock can be reached on (571)272-3759. 

The fax phone number for the organization where this application or proceeding is 
assigned is (571) 273-3735 ( for non-official correspondence - please consult Examiner before 
using) or 571-273-8300 ( for official correspondence) or redirected to customer service at 571- 
272-3609. 

Any inquiry of a general nature or relating to the status of this application should be 
directed to the TC 2100 Group receptionist: 571-272-2100. 

Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status information for published applications may be 
obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



/Tuan A Vu/ 

Primary Examiner, Art Unit 2193 
April 21,2008 



